﻿<?php

class mUser
{

	public $UID = null;
	public $Roles = null;
	public $Pages = null;

	public function __construct()
	{
	}

	public function CheckSession()
	{
		if(isset($_SESSION['sid']))
		{
			if($this->UpdateSession())
			{
				$this->Load();
				return true;
			}
			else
			{
				return false;
			}
		}
		else
		{
			return false;
		}
	}

	public function Login()
	{
		Logger::log("m-user.login", "Before login");

		global $DB;
		$this->UID = $DB->selectCell('select id from users where email = ? and password = ?', $_POST['email'], $_POST['password']);


		if($this->UID == null)
		{
			$this->Reset();
			return false;
		}
		else
		{
			$this->NewSession();
			$this->Load();
			return true;
		}
	}

	public function Logout()
	{
		$this->CloseSession();
		$this->Reset();
	}

	public function IsPageAllowed($page_code)
	{
		if($page_code == null) return true;

		for($i = 0; $i < count($this->Pages); $i++) {
			if(strtolower($page_code) ==  $this->Pages[$i]["code"])
				return true;
		}
		return false;
	}

	public function LoadUsersByRole($role_code)
	{
		global $DB;
		$users = $DB->select('SELECT u.* FROM users u, user_roles ur, roles r WHERE r.code = ? AND ur.role_id = r.id AND u.id = ur.user_id', $role_code);
		return $users;
	}

	public function RoleExists($role_code)
	{
		foreach ($this->Roles as $role) 
		{
			if($role["code"] == $role_code)
			{
				return true;
			}
		}
		return false;
	}

	private function Load()
	{
		$this->LoadRoles();
		$this->LoadPages();
	}

	private function LoadRoles()
	{
		global $DB;
		$this->Roles = $DB->select('SELECT r.id, r.code FROM roles r, user_roles ur WHERE r.id = ur.role_id AND ur.user_id = ?', $this->UID);
	}

	private function LoadPages()
	{
		global $DB;
		$this->Pages = $DB->select('SELECT DISTINCT p.id, p.code, p.sort, p.title FROM pages p, role_pages rp, roles r, user_roles ur WHERE r.id = ur.role_id AND rp.role_id = r.id AND p.id = rp.page_id AND ur.user_id = ? ORDER BY p.sort', $this->UID);
	}

	private function UpdateSession()
	{
		global $DB;
		$uid = $DB->selectCell('select user_id from user_sessions where dt_end is null and id = ?', $_SESSION['sid']);
		if($uid == null)
		{
			$this->CloseSession();
			return false;
		}
		else
		{
			$this->UID = $uid;
			$DB->query('update user_sessions set dt_act = now() where id = ?', $_SESSION['sid']);
			return true;
		}
	}

	private function CloseSession()
	{
		global $DB;
		$DB->query('update user_sessions set dt_end = now() where user_id = ? and dt_end is null', $this->UID);
	}

	private function Reset()
	{
		$this->UID = null;
		$this->Roles = null;
		unset($_SESSION['sid']);
	}

	private function NewSession()
	{
		global $DB;
		$DB->query('update user_sessions set dt_end = now() where user_id = ? and dt_end is null', $this->UID);
		$_SESSION['sid'] = $DB->query('insert into user_sessions(user_id, dt_beg, dt_act) values(?, now(), now())', $this->UID);
	}

}

